overleaf/services/web/app/coffee/Features/Subscription/TeamInvitesHandler.coffee

175 lines
6.3 KiB
CoffeeScript
Raw Normal View History

logger = require("logger-sharelatex")
crypto = require("crypto")
2018-06-01 10:23:25 +00:00
async = require("async")
settings = require("settings-sharelatex")
2018-05-31 10:54:50 +00:00
ObjectId = require("mongojs").ObjectId
TeamInvite = require("../../models/TeamInvite").TeamInvite
Subscription = require("../../models/Subscription").Subscription
UserGetter = require("../User/UserGetter")
SubscriptionLocator = require("./SubscriptionLocator")
2018-05-31 10:54:50 +00:00
SubscriptionUpdater = require("./SubscriptionUpdater")
LimitationsManager = require("./LimitationsManager")
EmailHandler = require("../Email/EmailHandler")
EmailHelper = require("../Helpers/EmailHelper")
Errors = require "../Errors/Errors"
module.exports = TeamInvitesHandler =
getInvite: (token, callback) ->
Subscription.findOne 'teamInvites.token': token, (err, subscription) ->
2018-06-01 10:23:25 +00:00
return callback(err) if err?
return callback(new Errors.NotFoundError('team not found')) unless subscription?
2018-05-31 10:54:50 +00:00
invite = subscription.teamInvites.find (i) -> i.token == token
return callback(null, invite, subscription)
2018-05-31 10:54:50 +00:00
2018-06-07 14:35:18 +00:00
createInvite: (teamManagerId, email, callback) ->
2018-06-11 14:22:42 +00:00
email = EmailHelper.parseEmail(email)
return callback(new Error('invalid email')) if !email?
2018-06-01 10:23:25 +00:00
logger.log {teamManagerId, email}, "Creating manager team invite"
UserGetter.getUser teamManagerId, (error, teamManager) ->
return callback(error) if error?
SubscriptionLocator.getUsersSubscription teamManagerId, (error, subscription) ->
return callback(error) if error?
2018-05-31 10:54:50 +00:00
if teamManager.first_name and teamManager.last_name
inviterName = "#{teamManager.first_name} #{teamManager.last_name} (#{teamManager.email})"
else
inviterName = teamManager.email
2018-05-31 10:54:50 +00:00
removeLegacyInvite subscription.id, email, (error) ->
return callback(error) if error?
createInvite(subscription, email, inviterName, callback)
2018-05-31 10:54:50 +00:00
createDomainInvite: (user, licence, callback) ->
2018-06-11 14:22:42 +00:00
email = EmailHelper.parseEmail(user.email)
return callback(new Error('invalid email')) if !email?
logger.log {licence, email: email}, "Creating domain team invite"
inviterName = licence.name.replace(/\s+licence$/i, licence.name)
SubscriptionLocator.getSubscription licence.subscription_id, (error, subscription) ->
return callback(error) if error?
2018-06-11 14:22:42 +00:00
createInvite(subscription, email, inviterName, callback)
2018-06-18 13:18:23 +00:00
importInvite: (subscription, inviterName, email, token, sentAt, callback) ->
checkIfInviteIsPossible subscription, email, (error, possible, reason) ->
return callback(error) if error?
return callback(reason) unless possible
subscription.teamInvites.push({
email: email
inviterName: inviterName
token: token
sentAt: sentAt
})
subscription.save callback
2018-05-31 10:54:50 +00:00
acceptInvite: (token, userId, callback) ->
2018-06-01 10:23:25 +00:00
logger.log {userId}, "Accepting invite"
TeamInvitesHandler.getInvite token, (err, invite, subscription) ->
2018-05-31 10:54:50 +00:00
return callback(err) if err?
return callback(new Errors.NotFoundError('invite not found')) unless invite?
2018-05-31 10:54:50 +00:00
SubscriptionUpdater.addUserToGroup subscription.admin_id, userId, (err) ->
2018-05-31 10:54:50 +00:00
return callback(err) if err?
2018-06-01 10:23:25 +00:00
removeInviteFromTeam(subscription.id, invite.email, callback)
2018-05-31 10:54:50 +00:00
revokeInvite: (teamManagerId, email, callback) ->
2018-06-11 14:22:42 +00:00
email = EmailHelper.parseEmail(email)
return callback(new Error('invalid email')) if !email?
2018-06-01 10:23:25 +00:00
logger.log {teamManagerId, email}, "Revoking invite"
2018-05-31 10:54:50 +00:00
SubscriptionLocator.getUsersSubscription teamManagerId, (err, teamSubscription) ->
return callback(err) if err?
2018-06-01 10:23:25 +00:00
removeInviteFromTeam(teamSubscription.id, email, callback)
2018-05-30 12:06:27 +00:00
# Legacy method to allow a user to receive a confirmation email if their
# email is in Subscription.invited_emails when they join. We'll remove this
# after a short while.
createTeamInvitesForLegacyInvitedEmail: (email, callback) ->
SubscriptionLocator.getGroupsWithEmailInvite email, (err, teams) ->
return callback(err) if err?
async.map teams,
2018-06-07 14:35:18 +00:00
(team, cb) -> TeamInvitesHandler.createInvite(team.admin_id, email, cb)
, callback
2018-06-01 10:23:25 +00:00
createInvite = (subscription, email, inviterName, callback) ->
logger.log {subscriptionId: subscription.id, email, inviterName}, "Creating invite"
checkIfInviteIsPossible subscription, email, (error, possible, reason) ->
2018-06-01 14:37:09 +00:00
return callback(error) if error?
return callback(reason) unless possible
2018-05-31 10:54:50 +00:00
invite = subscription.teamInvites.find (invite) -> invite.email == email
if !invite?
2018-06-06 16:11:25 +00:00
invite = {
email: email
inviterName: inviterName
token: crypto.randomBytes(32).toString("hex")
sentAt: new Date()
}
subscription.teamInvites.push(invite)
2018-06-06 16:11:25 +00:00
else
invite.sentAt = new Date()
2018-05-31 10:54:50 +00:00
subscription.save (error) ->
return callback(error) if error?
2018-05-30 12:06:27 +00:00
opts =
to: email
inviterName: inviterName
acceptInviteUrl: "#{settings.siteUrl}/subscription/invites/#{invite.token}/"
2018-06-06 16:11:25 +00:00
appName: settings.appName
EmailHandler.sendEmail "verifyEmailToJoinTeam", opts, (error) ->
return callback(error, invite)
2018-05-30 12:06:27 +00:00
2018-06-01 10:23:25 +00:00
removeInviteFromTeam = (subscriptionId, email, callback) ->
searchConditions = { _id: new ObjectId(subscriptionId.toString()) }
removeInvite = { $pull: { teamInvites: { email: email } } }
logger.log {subscriptionId, email, searchConditions, removeInvite}, 'removeInviteFromTeam'
async.series [
(cb) -> Subscription.update(searchConditions, removeInvite, cb),
(cb) -> removeLegacyInvite(subscriptionId, email, cb),
], callback
removeLegacyInvite = (subscriptionId, email, callback) ->
Subscription.update({
_id: new ObjectId(subscriptionId.toString())
}, {
$pull: {
2018-06-11 14:22:42 +00:00
invited_emails: email
}
}, callback)
2018-06-01 10:23:25 +00:00
checkIfInviteIsPossible = (subscription, email, callback = (error, possible, reason) -> ) ->
unless subscription.groupPlan
logger.log {subscriptionId: subscription.id},
"can not add members to a subscription that is not in a group plan"
return callback(null, false, wrongPlan: true)
2018-06-01 10:23:25 +00:00
if LimitationsManager.teamHasReachedMemberLimit(subscription)
logger.log {subscriptionId: subscription.id}, "team has reached member limit"
return callback(null, false, limitReached: true)
UserGetter.getUserByAnyEmail email, (error, existingUser) ->
2018-06-01 10:23:25 +00:00
return callback(error) if error?
return callback(null, true) unless existingUser?
2018-06-01 10:23:25 +00:00
existingMember = subscription.member_ids.find (memberId) ->
memberId.toString() == existingUser._id.toString()
2018-05-30 12:06:27 +00:00
2018-06-01 10:23:25 +00:00
if existingMember
logger.log {subscriptionId: subscription.id, email}, "user already in team"
return callback(null, false, alreadyInTeam: true)
else
return callback(null, true)